Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Display System Log Files

Use Feature Explorer to confirm platform and release support for specific features.

Review the Platform-Specific System Logging Behavior section for notes related to your platform.

Display a Log File from a Single-Chassis System

To display a log file stored on a single-chassis system, enter Junos OS CLI operational mode and issue either of the following commands:

By default, the commands display the file stored on the local Routing Engine. To display the file stored on a particular Routing Engine, prefix the file or pathname with the string re0 or re1 and a colon. The following examples both display the /var/log/messages file stored on the Routing Engine in slot 1:

For information about the fields in a log message, see Interpreting Messages Generated in Standard Format by a Junos OS Process or Library, Interpreting Messages Generated in Standard Format by Services on a PIC, and Interpreting Messages Generated in Structured-Data Format. For examples, see Log File Sample Content.

Log File Sample Content

This topic contains sample content from the /var/log directory. You can display the contents of the /var/log/messages file stored on the local Routing Engine. (The /var/log directory is the default location for log files, so you do not need to include it in the filename. The messages file is a commonly configured destination for system log messages.)

Note:

In Junos OS Evolved, the messages file is only written on the primary Routing Engine. Backup Routing Engine messages are found in the messages file on the primary Routing Engine.

You can display the contents of the file /var/log/processes, which has been previously configured to include messages from the daemon facility. When issuing the file show command, you must specify the full pathname of the file:

You can display the contents of the file /var/log/processes when the explicit-priority statement is included at the [edit system syslog file processes] hierarchy level:

Warning Message Support for Throughput Overuse:

The device supports up to 20 Gbps and 7 Mpps of Internet mix (IMIX) firewall performance. When IMIX throughput exceeds these limits, new log messages are generated. These log messages serve as reminders that throughput overuse is occurring. You can see the following sample log messages when you issue the show log messages command.

As a reminder of throughput overuse, every 15 minutes the system calculates how many minutes the throughout has exceeded 20 Gbps and 7 Mpps. The system triggers a log message if the throughput has exceeded more than 1 minute, 30 seconds (10%) of the last 15 minutes. For example, suppose you see the following log message:

It means your throughput has exceeded 20 Gbps and 7 Mpps for 5 minutes, 15 seconds of the last 15 minutes (35% of 15 minutes) that triggered the log message.

To turn off this log message, we recommend that you bring down the throughput level below 20 Gbps and 7 Mpps or install the enhanced performance upgrade license.

Note:

This feature requires a license. Please refer to the Juniper Licensing Guide for general information about License Management. Please refer to the product Data Sheets at SRX Series Services Gateways for details, or contact your Juniper Account Team or Juniper Partner.

Display MD5 Log Files

Junos OS and Junos OS Evolved BGP supports authentication for protocol exchanges. When you configure TCP Message Digest 5 (MD5) authentication for BGP protocol on the neighboring routing devices to verify the authenticity of BGP packets, the following log warning messages stored in /var/log/messages/ are displayed:

On Junos OS,

When MD5 configured on local but not on peer device,

When MD5 configured on peer but not on local device,

When MD5 is configured on both the routers and there is authentication password mismatch, the following log is displayed:

On Junos OS Evolved,

When TCP MD5 authentication is configured on local but not on peer device, the log messages are not available.

When TCP MD5 authentication is configured on peer but not on local device, the log messages are not available.

When MD5 is configured on both the routers and there is authentication password mismatch, the following log is displayed: